Bitcoin Core Vulnerability Exposes Risks in Datacarrier Limits: NVD Flags Security Concerns

blockchain.news:

The Discovery of the Vulnerability

The National Vulnerability Database (NVD), a comprehensive cybersecurity resource, recently flagged a significant security risk associated with Bitcoin Core and Bitcoin Knots. Specifically, the vulnerability, cataloged as CVE-2023-50428, affects versions of Bitcoin Core up to 26.0 and Bitcoin Knots before 25.1.knots20231115. This issue centers around the ability to bypass datacarrier size limits by disguising data as code, a method employed notably by the Inscriptions group in both 2022 and 2023​​​​​​.

Impact and Exploitation

This vulnerability has real-world implications for the Bitcoin network. By allowing the bypassing of datacarrier limits, the network could be inundated with non-transactional data. This spamming potential poses a risk of clogging the blockchain, which could, in turn, affect network performance and transaction fees. The concern is far from theoretical, having been actively exploited, as evidenced by the activities of the Ordinals inscriptions in recent years​​.

Ordinals and Network Congestion

The Ordinals Protocol, gaining traction in late 2022, plays a central role in this scenario. This protocol involves embedding additional data, ranging from images to text, onto a satoshi, Bitcoin's smallest unit. This process effectively turns each satoshi into a unique entity, similar in concept to non-fungible tokens (NFTs) on networks like Ethereum. However, the increased popularity of Ordinals transactions has led to heightened network congestion. This rise in traffic is responsible for increased transaction fees and slower processing times, presenting significant challenges for Bitcoin's network stability and efficiency​​.

Developer Response and Future Outlook

I